You have been subscribed to a public bug by Kees Cook (kees): When mounting a fuse filesystem (such as glusterfs) with the 'default_permissions, allow_others' options, the kernel will completely ignore the default_permissions check and allow anybody to manipulate any file on the mounted filesystem.
I think this is due to a shadowing bug described here: http://readlist.com/lists/vger.kernel.org/linux-kernel/93/468712.html I've downloaded the latest hardy kernel source and it appears that fs/fuse/dir.c remains unpatched (line 906). ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- fuse 'default_permissions' check ignored by kernel https://bugs.launchpad.net/bugs/244319 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
